Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0923EA14CD1611EF801CC9B3762E951A.roa
File: 0923EA14CD1611EF801CC9B3762E951A.roa (raw, json)
Hash identifier: 0ujajvIEo4SdKnNauiugOzcKBIg8/vzxacXTIVAomSY=
Subject key identifier: 7C:2F:64:42:AC:D5:B4:BC:2B:FF:31:6A:CE:FD:F2:76:8D:A0:D5:9F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD1B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0923EA14CD1611EF801CC9B3762E951A.roa
Signing time: Tue 07 Jan 2025 16:40:00 +0000
ROA not before: Tue 07 Jan 2025 16:39:56 +0000
ROA not after: Mon 13 Dec 2027 16:39:56 +0000
asID: 17561
IP address blocks: 156.241.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64795 (0xfd1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 16:39:56 2025 GMT
Not After : Dec 13 16:39:56 2027 GMT
Subject: CN=677d58e0-599c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:6d:0f:7f:8c:f3:e8:ec:2b:ed:69:f9:78:99:
0c:61:5c:70:6b:9d:23:11:01:77:1c:27:2a:f0:64:
38:76:c8:e8:d7:9a:45:c3:f2:8e:b4:d1:83:0f:f4:
1e:8b:52:b6:66:39:e4:5b:2a:e8:7f:93:dd:be:ed:
3e:23:8a:83:45:71:bc:09:83:a0:27:a7:43:65:4f:
16:c1:d5:fc:23:e1:c5:99:9b:4a:94:80:6c:e3:47:
7a:e3:19:b5:96:7a:a3:84:b3:0d:a9:a4:6d:ca:73:
df:30:20:8e:de:07:7b:fc:8b:5e:80:32:65:e1:a9:
fb:94:57:dc:d9:1a:b8:52:3f:41:d1:83:07:84:f2:
3d:89:6b:f0:16:28:a7:a2:f5:78:62:1b:6f:6c:87:
96:96:cd:a0:e8:36:9f:93:ed:01:e5:33:e0:b0:c2:
f7:e2:fa:80:3e:68:d3:29:46:d4:d9:c1:7b:57:84:
87:d0:2f:19:01:ab:32:3e:3d:2c:a2:b4:cb:75:6f:
64:ee:d8:ca:c8:89:7d:ba:cf:93:26:04:4f:16:3d:
f7:10:dc:16:1c:69:a9:88:bd:8c:3d:af:2a:ce:9d:
e7:8d:49:20:d4:b3:3e:93:fb:7a:99:b5:4a:2e:9b:
4a:33:45:3b:84:d8:19:ea:b2:40:57:ee:d1:f6:1a:
97:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:2F:64:42:AC:D5:B4:BC:2B:FF:31:6A:CE:FD:F2:76:8D:A0:D5:9F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0923EA14CD1611EF801CC9B3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.17.0/24
Signature Algorithm: sha256WithRSAEncryption
47:94:f7:17:79:59:af:a4:44:5d:93:d8:da:99:0f:a4:5c:e6:
f9:df:7e:3f:a0:09:f5:06:c7:59:e4:c0:4f:d0:e2:76:db:ca:
ae:86:a4:fb:35:99:86:4a:b3:9b:49:7c:4e:9d:88:fd:57:1f:
d9:45:7e:6c:6e:3c:d1:ac:d5:4a:da:84:c6:fc:89:15:62:99:
3c:7e:c6:4a:a0:f1:9d:b1:5e:f3:03:76:f7:0a:93:27:a8:26:
d0:55:ef:4c:6b:ac:e9:fc:2e:e6:94:e4:69:56:3e:9f:9b:bf:
8f:10:f3:ae:21:3e:b3:02:58:ae:ba:0b:c9:a5:10:85:2c:9f:
7e:dd:44:2b:bd:7e:67:de:89:cf:35:00:8b:26:fe:81:12:ac:
8c:55:fb:ab:66:78:a9:4c:c7:5b:95:29:38:2e:3d:37:1e:2e:
6d:0f:28:80:2b:f8:79:6c:39:b1:a6:61:4f:b3:05:51:f8:07:
c8:c6:4c:ba:28:9e:8f:7b:47:66:ec:ed:83:5b:76:40:29:b9:
18:55:49:4b:a7:6f:a6:77:ae:5b:6f:9b:1f:5a:03:3b:fb:de:
31:0b:c4:7d:86:33:2b:57:c4:e4:87:b0:6a:5f:ba:5a:ea:b9:
f7:a9:f7:70:83:75:51:d7:65:20:57:dd:91:83:19:ee:3f:19:
e1:80:3e:03
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP0bMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTYzOTU2WhcNMjcxMjEzMTYzOTU2WjAYMRYw
FAYDVQQDEw02NzdkNThlMC01OTljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA820Pf4zz6Owr7Wn5eJkMYVxwa50jEQF3HCcq8GQ4dsjo15pFw/KOtNGD
D/Qei1K2ZjnkWyrof5Pdvu0+I4qDRXG8CYOgJ6dDZU8WwdX8I+HFmZtKlIBs40d6
4xm1lnqjhLMNqaRtynPfMCCO3gd7/ItegDJl4an7lFfc2Rq4Uj9B0YMHhPI9iWvw
FiinovV4YhtvbIeWls2g6Dafk+0B5TPgsML34vqAPmjTKUbU2cF7V4SH0C8ZAasy
Pj0sorTLdW9k7tjKyIl9us+TJgRPFj33ENwWHGmpiL2MPa8qzp3njUkg1LM+k/t6
mbVKLptKM0U7hNgZ6rJAV+7R9hqXSwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHwv
ZEKs1bS8K/8xas798naNoNWfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wOTIzRUExNENEMTYxMUVGODAxQ0M5QjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPERMA0GCSqGSIb3DQEBCwUA
A4IBAQBHlPcXeVmvpERdk9jamQ+kXOb5334/oAn1BsdZ5MBP0OJ228quhqT7NZmG
SrObSXxOnYj9Vx/ZRX5sbjzRrNVK2oTG/IkVYpk8fsZKoPGdsV7zA3b3CpMnqCbQ
Ve9Ma6zp/C7mlORpVj6fm7+PEPOuIT6zAliuugvJpRCFLJ9+3UQrvX5n3onPNQCL
Jv6BEqyMVfurZnipTMdblSk4Lj03Hi5tDyiAK/h5bDmxpmFPswVR+AfIxky6KJ6P
e0dm7O2DW3ZAKbkYVUlLp2+md65bb5sfWgM7+94xC8R9hjMrV8Tkh7BqX7pa6rn3
qfdwg3VR12UgV92RgxnuPxnhgD4D
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:03 2025 by rpki-client